Command Executor MCP Server
A Model Context Protocol server that allows secure execution of pre-approved commands, enabling AI assistants to safely interact with the user's system.
Sunwood-ai-labs
Tools
execute_command
事前に許可されたコマンドを実行します
README
<div align="center">
command-executor MCP Server
<img src="https://raw.githubusercontent.com/Sunwood-ai-labs/command-executor-mcp-server/refs/heads/master/assets/header.svg" alt="Command Executor MCP Server"/>
<a href="README.md"><img src="https://img.shields.io/badge/english-document-white.svg" alt="EN doc"></a> <a href="README.ja.md"><img src="https://img.shields.io/badge/ドキュメント-日本語-white.svg" alt="JA doc"/></a> </div>
A Model Context Protocol server for executing pre-approved commands securely.
🎥 Demo
https://github.com/user-attachments/assets/ed763a12-b685-4e0b-b9a5-bc948a590f51
✨ Features
- Secure command execution with pre-approved command list
- Configurable allowed commands through environment variables
- Built with TypeScript and MCP SDK
- Communication via stdio for seamless integration
- Error handling and security validations
- Real-time command output streaming
🚀 Installation
Install dependencies:
npm install
Build the server:
npm run build
For development with auto-rebuild:
npm run watch
⚙️ Configuration
🔒 Allowed Commands
By default, the following commands are allowed:
- git
- ls
- mkdir
- cd
- npm
- npx
- python
You can customize the allowed commands by setting the ALLOWED_COMMANDS environment variable:
export ALLOWED_COMMANDS=git,ls,mkdir,python
🔌 Claude Desktop Integration
To use with Claude Desktop, add the server config:
On MacOS:
~/Library/Application Support/Claude/claude_desktop_config.json
On Windows:
%APPDATA%/Claude/claude_desktop_config.json
Configuration example:
{
"mcpServers": {
"command-executor": {
"command": "/path/to/command-executor/build/index.js"
}
}
}
🛡️ Security Considerations
The command-executor server implements several security measures:
-
Pre-approved Command List
- Only explicitly allowed commands can be executed
- Default list is restrictive and security-focused
- Commands are validated by prefix to prevent injection
-
Command Validation
- Command prefix validation prevents command injection
- No shell execution for improved security
- Environment variables are properly sanitized
-
Error Handling
- Comprehensive error handling for unauthorized commands
- Clear error messages for debugging
- Failed commands don't crash the server
-
Environment Isolation
- Server runs in its own environment
- Environment variables can be controlled
- Limited system access
💻 Development
📁 Project Structure
command-executor/
├─ src/
│ └─ index.ts # Main server implementation
├─ build/
│ └─ index.js # Compiled JavaScript
├─ assets/
│ └─ header.svg # Project header image
└─ package.json # Project configuration
🐛 Debugging
Since MCP servers communicate over stdio, debugging can be challenging. We recommend using the MCP Inspector:
npm run inspector
The Inspector will provide a URL to access debugging tools in your browser.
🛠️ Tool API
The server provides a single tool:
execute_command
Executes a pre-approved command.
Parameters:
command(string, required): The command to execute
Example Request:
{
"name": "execute_command",
"arguments": {
"command": "git status"
}
}
Example Response:
{
"content": [
{
"type": "text",
"text": "On branch main\nNothing to commit, working tree clean"
}
]
}
Error Response:
{
"content": [
{
"type": "text",
"text": "Command execution failed: Command not allowed"
}
],
"isError": true
}
❌ Error Handling
The server provides detailed error messages for various scenarios:
-
Unauthorized Commands
{ "code": "InvalidParams", "message": "Command not allowed: [command]. Allowed commands: git, ls, mkdir, cd, npm, npx, python" } -
Execution Failures
{ "content": [ { "type": "text", "text": "Command execution failed: [error message]" } ], "isError": true }
🤝 Contributing
- Fork the repository
- Create your feature branch
- Commit your changes
- Push to the branch
- Create a new Pull Request
📄 License
This project is licensed under the MIT License - see the LICENSE file for details.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
MCP Package Docs Server
Facilitates LLMs to efficiently access and fetch structured documentation for packages in Go, Python, and NPM, enhancing software development with multi-language support and performance optimization.
Claude Code MCP
An implementation of Claude Code as a Model Context Protocol server that enables using Claude's software engineering capabilities (code generation, editing, reviewing, and file operations) through the standardized MCP interface.
@kazuph/mcp-taskmanager
Model Context Protocol server for Task Management. This allows Claude Desktop (or any MCP client) to manage and execute tasks in a queue-based system.
Linear MCP Server
Enables interaction with Linear's API for managing issues, teams, and projects programmatically through the Model Context Protocol.
mermaid-mcp-server
A Model Context Protocol (MCP) server that converts Mermaid diagrams to PNG images.
Jira-Context-MCP
MCP server to provide Jira Tickets information to AI coding agents like Cursor
Linear MCP Server
A Model Context Protocol server that integrates with Linear's issue tracking system, allowing LLMs to create, update, search, and comment on Linear issues through natural language interactions.
Sequential Thinking MCP Server
This server facilitates structured problem-solving by breaking down complex issues into sequential steps, supporting revisions, and enabling multiple solution paths through full MCP integration.